<?php
/**
 * Order Handler - Unified order operations
 */
session_start();
require_once '../config/database.php';
require_once '../includes/functions.php';
requireAdmin();

header('Content-Type: application/json');

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $input = json_decode(file_get_contents('php://input'), true);
    $action = $input['action'] ?? $_POST['action'] ?? '';
    $order_id = $_POST['order_id'] ?? $input['order_id'] ?? 0;
    
    try {
        if ($action === 'update_status') {
            $status = $input['status'] ?? $_POST['status'] ?? '';
            $stmt = $pdo->prepare("UPDATE orders SET status = ? WHERE id = ?");
            $stmt->execute([$status, $order_id]);
            echo json_encode(['success' => true, 'message' => 'Order status updated']);
            exit;
        }
    } catch (PDOException $e) {
        echo json_encode(['success' => false, 'message' => $e->getMessage()]);
        exit;
    }
}

header('Location: orders.php');

